Compare commits
7 Commits
Author | SHA1 | Date | |
---|---|---|---|
54174ef418 | |||
29d13371a8 | |||
b71bf21b48 | |||
ae12746ff2 | |||
4ffaabd6e6 | |||
c647f76894 | |||
c1c5d23f92 |
58
auth/auth.go
58
auth/auth.go
@@ -6,11 +6,11 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"git.acooldomain.co/server-manager/backend/dbhandler"
|
"git.acooldomain.co/server-manager/backend/dbhandler"
|
||||||
"git.acooldomain.co/server-manager/backend/factories"
|
"git.acooldomain.co/server-manager/backend/factories"
|
||||||
|
"git.acooldomain.co/server-manager/backend/instancemanager"
|
||||||
"git.acooldomain.co/server-manager/backend/models"
|
"git.acooldomain.co/server-manager/backend/models"
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
"github.com/golang-jwt/jwt"
|
"github.com/golang-jwt/jwt"
|
||||||
@@ -19,6 +19,7 @@ import (
|
|||||||
type AuthApi struct {
|
type AuthApi struct {
|
||||||
config models.GlobalConfig
|
config models.GlobalConfig
|
||||||
|
|
||||||
|
instanceManager instancemanager.InstanceManager
|
||||||
tokenHandler dbhandler.InviteTokenDbHandler
|
tokenHandler dbhandler.InviteTokenDbHandler
|
||||||
userAuthDbHandler dbhandler.UserPassAuthanticationDbHandler
|
userAuthDbHandler dbhandler.UserPassAuthanticationDbHandler
|
||||||
serverAuthDbHandler dbhandler.ServersAuthorizationDbHandler
|
serverAuthDbHandler dbhandler.ServersAuthorizationDbHandler
|
||||||
@@ -115,12 +116,17 @@ func (con AuthApi) signUp(ctx *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
err = con.tokenHandler.DeleteInviteToken(ctx, token.Token)
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Failed to delete token %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
con.signIn(ctx)
|
con.signIn(ctx)
|
||||||
}
|
}
|
||||||
|
|
||||||
type SignInRequest struct {
|
type SignInRequest struct {
|
||||||
Username string
|
Username string `json:"username"`
|
||||||
Password string
|
Password string `json:"password"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (con AuthApi) signIn(ctx *gin.Context) {
|
func (con AuthApi) signIn(ctx *gin.Context) {
|
||||||
@@ -169,31 +175,23 @@ func (con AuthApi) Verify(ctx *gin.Context) {
|
|||||||
|
|
||||||
forwardedUri := ctx.Request.Header.Get("x-forwarded-uri")
|
forwardedUri := ctx.Request.Header.Get("x-forwarded-uri")
|
||||||
|
|
||||||
pathSegments := strings.Split(forwardedUri, "/")
|
fileBrowser, err := con.instanceManager.GetFileBrowserFromUrl(ctx, forwardedUri)
|
||||||
|
if err != nil {
|
||||||
|
ctx.AbortWithError(500, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
serverId, service := pathSegments[2], pathSegments[1]
|
fmt.Printf("%#v %s", claims, fileBrowser.ServerId)
|
||||||
|
serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, fileBrowser.ServerId)
|
||||||
switch service {
|
if err != nil {
|
||||||
case "browsers":
|
ctx.AbortWithError(500, err)
|
||||||
fmt.Printf("%#v %s", claims, serverId)
|
return
|
||||||
serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, serverId)
|
}
|
||||||
if err != nil {
|
if (claims.Permissions|serverPermissions)&models.Admin == models.Admin {
|
||||||
ctx.AbortWithError(500, err)
|
ctx.Header("X-Auth-Username", claims.Username)
|
||||||
return
|
log.Printf("Set header X-Username %s", claims.Username)
|
||||||
}
|
ctx.Status(200)
|
||||||
if (claims.Permissions|serverPermissions)&models.Admin == models.Admin {
|
return
|
||||||
ctx.Header("X-Auth-Username", claims.Username)
|
|
||||||
log.Printf("Set header X-Username %s", claims.Username)
|
|
||||||
ctx.Status(200)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
case "cloud":
|
|
||||||
if claims.Permissions&models.Cloud == models.Cloud || claims.Permissions&models.Admin == models.Admin {
|
|
||||||
log.Printf("Set header X-Username %s", claims.Username)
|
|
||||||
ctx.Header("X-Auth-Username", claims.Username)
|
|
||||||
ctx.Status(200)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.Redirect(303, fmt.Sprintf("http://%s/login", con.config.Domain))
|
ctx.Redirect(303, fmt.Sprintf("http://%s/login", con.config.Domain))
|
||||||
@@ -210,6 +208,11 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
|
|||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
instanceManager, err := factories.GetInstanceManager(config.InstanceManager, config.Domain)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
inviteHandler, err := factories.GetInviteTokenDbHandler(config.Authentication.UserPass.InviteTokenDatabase)
|
inviteHandler, err := factories.GetInviteTokenDbHandler(config.Authentication.UserPass.InviteTokenDatabase)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
@@ -218,6 +221,7 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
|
|||||||
connection := AuthApi{
|
connection := AuthApi{
|
||||||
userAuthDbHandler: userAuthHandler,
|
userAuthDbHandler: userAuthHandler,
|
||||||
serverAuthDbHandler: serverAuthDbHandler,
|
serverAuthDbHandler: serverAuthDbHandler,
|
||||||
|
instanceManager: instanceManager,
|
||||||
tokenHandler: inviteHandler,
|
tokenHandler: inviteHandler,
|
||||||
config: config,
|
config: config,
|
||||||
}
|
}
|
||||||
|
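Review bot: In the signUp hunk a failed `DeleteInviteToken` is only logged and the handler still goes on to `con.signIn(ctx)`, so an invite token that could not be deleted stays usable for another sign-up. The check-then-delete sequence is also not atomic, so two concurrent requests presenting the same token can presumably both pass the earlier validation (that part of signUp is outside the hunk); consuming the token in a single database operation before the account is created, and aborting when nothing was consumed, would close both gaps. Separately, in the Verify hunk `fmt.Printf("%#v %s", claims, fileBrowser.ServerId)` writes the whole claims struct to stdout on every request and looks like leftover debugging; drop it or log only `claims.Username`. The log text `Set header X-Username` does not match the header that is actually set, `X-Auth-Username`.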
@@ -13,7 +13,7 @@ func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
|
|||||||
return func(ctx *gin.Context) {
|
return func(ctx *gin.Context) {
|
||||||
claimsPointer, exists := ctx.Get("claims")
|
claimsPointer, exists := ctx.Get("claims")
|
||||||
if !exists {
|
if !exists {
|
||||||
ctx.AbortWithError(500, fmt.Errorf("Did not call LoggedIn first"))
|
ctx.AbortWithError(500, fmt.Errorf("did not call LoggedIn first"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -41,6 +41,5 @@ func AuthorizationEnforcer() gin.HandlerFunc {
|
|||||||
if !authorized.(bool) {
|
if !authorized.(bool) {
|
||||||
ctx.AbortWithStatus(403)
|
ctx.AbortWithStatus(403)
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@@ -21,8 +21,8 @@ type ServersAuthorizationDbHandler struct {
|
|||||||
collection *mongo.Collection
|
collection *mongo.Collection
|
||||||
}
|
}
|
||||||
|
|
||||||
func (self *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, username string) error {
|
func (sa *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, username string) error {
|
||||||
_, err := self.collection.DeleteMany(
|
_, err := sa.collection.DeleteMany(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
@@ -32,8 +32,8 @@ func (self *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, usern
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (self *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, serverId string) error {
|
func (sa *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, serverId string) error {
|
||||||
_, err := self.collection.DeleteMany(
|
_, err := sa.collection.DeleteMany(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
@@ -43,33 +43,33 @@ func (self *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, ser
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
func (sa *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||||
var serverPermissions ServerPermissions
|
var serverPermissions ServerPermissions
|
||||||
err := self.collection.FindOne(
|
err := sa.collection.FindOne(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
},
|
},
|
||||||
).Decode(&serverPermissions)
|
).Decode(&serverPermissions)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
newPermissions := serverPermissions.Permissions | permissions
|
newPermissions := serverPermissions.Permissions | permissions
|
||||||
|
|
||||||
_, err = self.collection.UpdateOne(
|
_, err = sa.collection.UpdateOne(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
},
|
},
|
||||||
bson.M{"$set": bson.M{
|
bson.M{
|
||||||
"username": username,
|
"$set": bson.M{
|
||||||
"server_id": serverId,
|
"username": username,
|
||||||
"permissions": newPermissions,
|
"server_id": serverId,
|
||||||
},
|
"permissions": newPermissions,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
options.Update().SetUpsert(true),
|
options.Update().SetUpsert(true),
|
||||||
)
|
)
|
||||||
@@ -77,65 +77,68 @@ func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, u
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (self *ServersAuthorizationDbHandler) RemovePermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
func (sa *ServersAuthorizationDbHandler) RemovePermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||||
var serverPermissions ServerPermissions
|
var serverPermissions ServerPermissions
|
||||||
err := self.collection.FindOne(
|
err := sa.collection.FindOne(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
},
|
},
|
||||||
).Decode(&serverPermissions)
|
).Decode(&serverPermissions)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
newPermissions := serverPermissions.Permissions | permissions ^ permissions
|
newPermissions := serverPermissions.Permissions | permissions ^ permissions
|
||||||
|
|
||||||
_, err = self.collection.UpdateOne(
|
_, err = sa.collection.UpdateOne(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
},
|
},
|
||||||
bson.M{"$set": bson.M{
|
bson.M{
|
||||||
"permissions": newPermissions,
|
"$set": bson.M{
|
||||||
},
|
"permissions": newPermissions,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (self *ServersAuthorizationDbHandler) SetPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
func (sa *ServersAuthorizationDbHandler) SetPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||||
_, err := self.collection.UpdateOne(
|
_, err := sa.collection.UpdateOne(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
},
|
},
|
||||||
bson.M{"$set": bson.M{
|
bson.M{
|
||||||
"permissions": permissions,
|
"$set": bson.M{
|
||||||
},
|
"permissions": permissions,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (self *ServersAuthorizationDbHandler) GetPermissions(ctx context.Context, username string, serverId string) (models.Permission, error) {
|
func (sa *ServersAuthorizationDbHandler) GetPermissions(ctx context.Context, username string, serverId string) (models.Permission, error) {
|
||||||
var serverPermissions ServerPermissions
|
var serverPermissions ServerPermissions
|
||||||
|
|
||||||
err := self.collection.FindOne(
|
err := sa.collection.FindOne(
|
||||||
ctx,
|
ctx,
|
||||||
bson.M{
|
bson.M{
|
||||||
"username": username,
|
"username": username,
|
||||||
"server_id": serverId,
|
"server_id": serverId,
|
||||||
},
|
},
|
||||||
).Decode(&serverPermissions)
|
).Decode(&serverPermissions)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
if err == mongo.ErrNoDocuments {
|
||||||
|
return 0, nil
|
||||||
|
}
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
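Review bot: The `mongo.ErrNoDocuments` case added to GetPermissions is not mirrored in AddPermissions, where the `FindOne(...).Decode` error is still returned as-is; for a user with no existing record the function returns before `UpdateOne`, so `SetUpsert(true)` never gets the chance to create the document. Treating the no-document case there as zero permissions would make the upsert reachable. The comparison itself is better written `if errors.Is(err, mongo.ErrNoDocuments) {` so it still matches if the driver error is ever wrapped (this needs `errors` in the file's imports, which are not visible here). Returning `0, nil` for an unknown user is a fail-closed default and deserves a one-line comment, e.g. `// no record means no per-server permissions`. GetPermissions continues past the end of the hunk.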
@@ -170,6 +170,11 @@ func (i *InviteTokenDbHandler) SaveInviteToken(ctx context.Context, email string
|
|||||||
return token, nil
|
return token, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (i *InviteTokenDbHandler) DeleteInviteToken(ctx context.Context, token string) error {
|
||||||
|
_, err := i.collection.DeleteOne(ctx, bson.M{"token": token})
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
func (i *InviteTokenDbHandler) GetInviteToken(ctx context.Context, token string) (*dbhandler.InviteToken, error) {
|
func (i *InviteTokenDbHandler) GetInviteToken(ctx context.Context, token string) (*dbhandler.InviteToken, error) {
|
||||||
var inviteToken InviteToken
|
var inviteToken InviteToken
|
||||||
err := i.collection.FindOne(ctx, bson.M{"token": token}).Decode(&inviteToken)
|
err := i.collection.FindOne(ctx, bson.M{"token": token}).Decode(&inviteToken)
|
||||||
|
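Review bot: DeleteInviteToken discards the `DeleteResult`, so a caller cannot tell a token that was just consumed from one that was already gone or never existed. For a single-use invite that distinction is the useful signal: keeping the result (`res, err := i.collection.DeleteOne(ctx, bson.M{"token": token})`) and treating `res.DeletedCount == 0` as an error lets the sign-up path reject a token that another request consumed first. The method also has no doc comment; `// DeleteInviteToken removes the invite token so it cannot be redeemed again.` would state the contract.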
@@ -40,4 +40,5 @@ type UserPassAuthanticationDbHandler interface {
|
|||||||
type InviteTokenDbHandler interface {
|
type InviteTokenDbHandler interface {
|
||||||
SaveInviteToken(ctx context.Context, email string, permissions models.Permission) (string, error)
|
SaveInviteToken(ctx context.Context, email string, permissions models.Permission) (string, error)
|
||||||
GetInviteToken(ctx context.Context, token string) (*InviteToken, error)
|
GetInviteToken(ctx context.Context, token string) (*InviteToken, error)
|
||||||
|
DeleteInviteToken(ctx context.Context, token string) error
|
||||||
}
|
}
|
||||||
|
2
go.mod
2
go.mod
@@ -60,6 +60,8 @@ require (
|
|||||||
go.opentelemetry.io/otel/metric v1.35.0 // indirect
|
go.opentelemetry.io/otel/metric v1.35.0 // indirect
|
||||||
go.opentelemetry.io/otel/sdk v1.35.0 // indirect
|
go.opentelemetry.io/otel/sdk v1.35.0 // indirect
|
||||||
go.opentelemetry.io/otel/trace v1.35.0 // indirect
|
go.opentelemetry.io/otel/trace v1.35.0 // indirect
|
||||||
|
go.uber.org/multierr v1.11.0 // indirect
|
||||||
|
go.uber.org/zap v1.27.0 // indirect
|
||||||
golang.org/x/oauth2 v0.28.0 // indirect
|
golang.org/x/oauth2 v0.28.0 // indirect
|
||||||
golang.org/x/sync v0.11.0 // indirect
|
golang.org/x/sync v0.11.0 // indirect
|
||||||
golang.org/x/time v0.11.0 // indirect
|
golang.org/x/time v0.11.0 // indirect
|
||||||
|
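Review bot: `go.uber.org/zap v1.27.0` is added with an `// indirect` marker, but this change set imports it directly in logger/logger.go and in the servers package. Running `go mod tidy` should move it into the direct `require` block, which keeps the list of first-party dependencies accurate for review and dependency auditing; `go.uber.org/multierr` can stay indirect.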
4
go.sum
4
go.sum
@@ -196,6 +196,10 @@ go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt
|
|||||||
go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
|
go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
|
||||||
go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
|
go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
|
||||||
go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
|
go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
|
||||||
|
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
|
||||||
|
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
||||||
|
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
||||||
|
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||||
golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
|
golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
|
||||||
golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
|
golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
|
||||||
golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
|
golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
|
||||||
|
@@ -656,6 +656,10 @@ func (im *InstanceManager) StopFileBrowser(ctx context.Context, serverId string)
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (im *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
|
||||||
|
return im.GetFileBrowser(ctx, strings.Split(url, "/")[1])
|
||||||
|
}
|
||||||
|
|
||||||
func NewInstanceManager(config models.DockerInstanceManagerConfig, siteDomain string) (*InstanceManager, error) {
|
func NewInstanceManager(config models.DockerInstanceManagerConfig, siteDomain string) (*InstanceManager, error) {
|
||||||
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
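Review bot: `strings.Split(url, "/")[1]` indexes without a length check, so a value that contains no `/` (an empty string, for instance) panics instead of returning an error. Judging by the Verify handler in auth/auth.go, this string comes from the `x-forwarded-uri` request header, so it should be validated here: `segments := strings.Split(url, "/")` followed by a guard `if len(segments) < 2 || segments[1] == ""` that returns a malformed-URL error using whatever error constructor the file already imports. The removed Verify code read the server id from segment 2 and this reads segment 1, so it is worth confirming the route layout really changed.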
@@ -59,6 +59,7 @@ type InstanceManager interface {
|
|||||||
|
|
||||||
// Read Only
|
// Read Only
|
||||||
GetFileBrowser(ctx context.Context, serverId string) (*models.FileBrowser, error)
|
GetFileBrowser(ctx context.Context, serverId string) (*models.FileBrowser, error)
|
||||||
|
GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error)
|
||||||
ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error)
|
ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error)
|
||||||
|
|
||||||
// Status Changing
|
// Status Changing
|
||||||
|
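Review bot: GetFileBrowserFromUrl is added to the interface without a comment describing what `url` must look like, and the two implementations in this change set parse it differently: the Docker one takes path segment 1 as the server id, the Kubernetes one takes segments 2 and 3 as namespace and name. A doc comment such as `// GetFileBrowserFromUrl resolves the file browser addressed by a forwarded request URI and returns an error when the URI does not match the backend's route layout.` would give callers and future implementations a contract to check against.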
@@ -3,6 +3,7 @@ package kubernetes
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"io"
|
"io"
|
||||||
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
@@ -250,22 +251,24 @@ func (i *InstanceManager) InteractiveTerminal(ctx context.Context, serverId stri
|
|||||||
req := i.coreV1Cli.CoreV1().RESTClient().
|
req := i.coreV1Cli.CoreV1().RESTClient().
|
||||||
Post().
|
Post().
|
||||||
Resource("pods").
|
Resource("pods").
|
||||||
Namespace(i.Config.Namespace).
|
|
||||||
Name(serverId).
|
Name(serverId).
|
||||||
|
Namespace(i.Config.Namespace).
|
||||||
SubResource("attach").
|
SubResource("attach").
|
||||||
VersionedParams(&corev1.PodAttachOptions{
|
VersionedParams(&corev1.PodAttachOptions{
|
||||||
Container: "server",
|
Stdin: true,
|
||||||
Stdin: true,
|
Stdout: true,
|
||||||
Stdout: true,
|
Stderr: true,
|
||||||
Stderr: true,
|
TTY: true,
|
||||||
TTY: true,
|
|
||||||
}, clientgoscheme.ParameterCodec)
|
}, clientgoscheme.ParameterCodec)
|
||||||
|
|
||||||
executor, err := remotecommand.NewSPDYExecutor(i.restCfg, "POST", req.URL())
|
executor, err := remotecommand.NewSPDYExecutor(i.restCfg, "POST", req.URL())
|
||||||
go func() {
|
go func() {
|
||||||
defer stdoutWriter.Close()
|
defer stdoutWriter.Close()
|
||||||
defer stdinReader.Close()
|
defer stdinReader.Close()
|
||||||
_ = executor.StreamWithContext(ctx, remotecommand.StreamOptions{Stdin: stdinReader, Stdout: stdoutWriter, Stderr: stdoutWriter, Tty: true, TerminalSizeQueue: queue})
|
err := executor.StreamWithContext(ctx, remotecommand.StreamOptions{Stdin: stdinReader, Stdout: stdoutWriter, Stderr: stdoutWriter, Tty: true, TerminalSizeQueue: queue})
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Failed to attach %e", err)
|
||||||
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -296,6 +299,18 @@ func (i *InstanceManager) GetFileBrowser(ctx context.Context, serverId string) (
|
|||||||
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (i *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
|
||||||
|
serverManager := &servermanagerv1.ServerManager{}
|
||||||
|
urlSegments := strings.Split(url, "/")
|
||||||
|
namespace, serverId := urlSegments[2], urlSegments[3]
|
||||||
|
err := i.client.Get(ctx, client.ObjectKey{Namespace: namespace, Name: serverId}, serverManager)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
||||||
|
}
|
||||||
|
|
||||||
func (i *InstanceManager) ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error) {
|
func (i *InstanceManager) ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error) {
|
||||||
serverManagers := &servermanagerv1.ServerManagerList{}
|
serverManagers := &servermanagerv1.ServerManagerList{}
|
||||||
err := i.client.List(ctx, serverManagers, &client.ListOptions{Namespace: i.Config.Namespace})
|
err := i.client.List(ctx, serverManagers, &client.ListOptions{Namespace: i.Config.Namespace})
|
||||||
|
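Review bot: GetFileBrowserFromUrl takes the namespace for `i.client.Get` from `urlSegments[2]`, that is from the caller-supplied URL, while ListFileBrowsers just below and InteractiveTerminal use `i.Config.Namespace`; a request can therefore make the backend look up a ServerManager object in any namespace the client credentials can read. The two index expressions are also unchecked, so a URL with fewer than four segments panics. If servers are only expected in the configured namespace, validate the segment count first and reject any other namespace, as sketched below (the sketch assumes `fmt` is available in the file). In the InteractiveTerminal hunk, `log.Printf("Failed to attach %e", err)` uses a floating-point verb where `%v` is intended.

```go
func (i *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
	urlSegments := strings.Split(url, "/")
	if len(urlSegments) < 4 {
		return nil, fmt.Errorf("malformed file browser url %q", url)
	}
	namespace, serverId := urlSegments[2], urlSegments[3]
	if namespace != i.Config.Namespace || serverId == "" {
		return nil, fmt.Errorf("file browser url %q is outside namespace %q", url, i.Config.Namespace)
	}
	// … unchanged: i.client.Get lookup and models.FileBrowser construction …
```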
26
logger/logger.go
Normal file
26
logger/logger.go
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
package logger
|
||||||
|
|
||||||
|
import (
|
||||||
|
"os"
|
||||||
|
|
||||||
|
"go.uber.org/zap"
|
||||||
|
"go.uber.org/zap/zapcore"
|
||||||
|
)
|
||||||
|
|
||||||
|
var Logger *zap.Logger
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
var cfg zap.Config
|
||||||
|
if os.Getenv("DEBUG") == "true" {
|
||||||
|
cfg = zap.NewDevelopmentConfig()
|
||||||
|
} else {
|
||||||
|
cfg = zap.NewProductionConfig()
|
||||||
|
}
|
||||||
|
cfg.EncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
|
||||||
|
var err error
|
||||||
|
Logger, err = cfg.Build()
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer Logger.Sync() // flushes buffer, if any
|
||||||
|
}
|
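Review bot: `defer Logger.Sync()` inside `init()` runs as soon as `init` returns, which is before anything has been logged, so buffered entries are never flushed at process exit as the trailing comment implies. Drop the defer here and call `logger.Logger.Sync()` from `main` or the shutdown path instead. Building the logger in `init` also means a bad configuration panics at import time in every package that imports `logger`; an explicit constructor called from `main` would keep that failure in one place. The exported variable has no doc comment; `// Logger is the process-wide zap logger; DEBUG=true selects the development configuration.` would cover it.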
@@ -2,9 +2,7 @@ package servers
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
@@ -14,9 +12,11 @@ import (
|
|||||||
"git.acooldomain.co/server-manager/backend/dbhandler"
|
"git.acooldomain.co/server-manager/backend/dbhandler"
|
||||||
"git.acooldomain.co/server-manager/backend/factories"
|
"git.acooldomain.co/server-manager/backend/factories"
|
||||||
instancemanager "git.acooldomain.co/server-manager/backend/instancemanager"
|
instancemanager "git.acooldomain.co/server-manager/backend/instancemanager"
|
||||||
|
"git.acooldomain.co/server-manager/backend/logger"
|
||||||
"git.acooldomain.co/server-manager/backend/models"
|
"git.acooldomain.co/server-manager/backend/models"
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
"github.com/gorilla/websocket"
|
"github.com/gorilla/websocket"
|
||||||
|
"go.uber.org/zap"
|
||||||
)
|
)
|
||||||
|
|
||||||
var upgrader = websocket.Upgrader{
|
var upgrader = websocket.Upgrader{
|
||||||
@@ -193,16 +193,12 @@ func (con ServersApi) GetServers(ctx *gin.Context) {
|
|||||||
server := serverConfigsMap[instanceServer.Id]
|
server := serverConfigsMap[instanceServer.Id]
|
||||||
|
|
||||||
var image ImageInfo
|
var image ImageInfo
|
||||||
log.Printf("server=%#v\t|\tinstanceServer=%#v", server, instanceServer)
|
|
||||||
|
|
||||||
if instanceServer.Running {
|
if instanceServer.Running {
|
||||||
image = ImageInfo{
|
image = ImageInfo{
|
||||||
Name: instanceServer.RunningImage.Registry,
|
Name: instanceServer.RunningImage.Registry,
|
||||||
Version: instanceServer.RunningImage.Tag,
|
Version: instanceServer.RunningImage.Tag,
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
log.Printf("serverImage:%#v", server.Image)
|
|
||||||
|
|
||||||
image = ImageInfo{
|
image = ImageInfo{
|
||||||
Name: server.Image.Registry,
|
Name: server.Image.Registry,
|
||||||
Version: server.Image.Tag,
|
Version: server.Image.Tag,
|
||||||
@@ -246,6 +242,7 @@ func (con ServersApi) DeleteServer(ctx *gin.Context) {
|
|||||||
|
|
||||||
err = con.ServersDbHandler.DeleteServer(ctx, serverId)
|
err = con.ServersDbHandler.DeleteServer(ctx, serverId)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
logger.Logger.Error("Failed to delete server", zap.String("ServerId", serverId), zap.Error(err))
|
||||||
ctx.AbortWithError(501, err)
|
ctx.AbortWithError(501, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@@ -262,13 +259,15 @@ func (con ServersApi) RunCommand(ctx *gin.Context) {
|
|||||||
err := json.NewDecoder(ctx.Request.Body).Decode(&request)
|
err := json.NewDecoder(ctx.Request.Body).Decode(&request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.AbortWithError(500, err)
|
ctx.AbortWithError(500, err)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
serverId := ctx.Param("server_id")
|
serverId := ctx.Param("server_id")
|
||||||
log.Print("Writing command \"", request.Command, "\"")
|
logger.Logger.Info("Writing command", zap.String("ServerId", serverId), zap.String("Command", request.Command))
|
||||||
|
|
||||||
consolePointer, err := con.InstanceManager.InteractiveTerminal(ctx, serverId)
|
consolePointer, err := con.InstanceManager.InteractiveTerminal(ctx, serverId)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
logger.Logger.Error("Failed getting terminal", zap.String("ServerId", serverId), zap.String("Command", request.Command), zap.Error(err))
|
||||||
ctx.AbortWithError(500, err)
|
ctx.AbortWithError(500, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@@ -278,10 +277,12 @@ func (con ServersApi) RunCommand(ctx *gin.Context) {
|
|||||||
|
|
||||||
_, err = console.Conn.Write([]byte(request.Command + "\n"))
|
_, err = console.Conn.Write([]byte(request.Command + "\n"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
logger.Logger.Error("Failed writing command", zap.String("ServerId", serverId), zap.String("Command", request.Command), zap.Error(err))
|
||||||
ctx.AbortWithError(500, err)
|
ctx.AbortWithError(500, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
logger.Logger.Info("Successfully wrote command", zap.String("ServerId", serverId), zap.String("Command", request.Command))
|
||||||
ctx.JSON(200, "OK")
|
ctx.JSON(200, "OK")
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -301,8 +302,9 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
|
|||||||
|
|
||||||
defer func() {
|
defer func() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("The latest error is %s", err)
|
logger.Logger.Error("Interactive Terminal latest error", zap.Error(err))
|
||||||
}
|
}
|
||||||
|
|
||||||
close(websocketRead)
|
close(websocketRead)
|
||||||
close(containerRead)
|
close(containerRead)
|
||||||
}()
|
}()
|
||||||
@@ -375,7 +377,7 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
|
|||||||
case "insert":
|
case "insert":
|
||||||
_, err = hijacked.Conn.Write([]byte(Command.Arguments))
|
_, err = hijacked.Conn.Write([]byte(Command.Arguments))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Write to docker failed %s", errors.Unwrap(err))
|
logger.Logger.Error("Write to docker failed", zap.Error(err))
|
||||||
|
|
||||||
stop = true
|
stop = true
|
||||||
break
|
break
|
||||||
@@ -400,13 +402,13 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
|
|||||||
|
|
||||||
err2 = hijacked.ResizerFunc(width, height)
|
err2 = hijacked.ResizerFunc(width, height)
|
||||||
if err2 != nil {
|
if err2 != nil {
|
||||||
log.Printf("Failed to resize container to %dx%d: %s", width, height, err)
|
logger.Logger.Error("Failed to resize container", zap.Uint("width", width), zap.Uint("height", height), zap.Error(err))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
case data := <-containerRead:
|
case data := <-containerRead:
|
||||||
err := ws.WriteJSON(data)
|
err := ws.WriteJSON(data)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Write to socket failed %s", errors.Unwrap(err))
|
logger.Logger.Error("Write to socket failed", zap.Error(err))
|
||||||
stop = true
|
stop = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -442,7 +444,7 @@ func (con ServersApi) UpdateServer(ctx *gin.Context) {
|
|||||||
for user, permissions := range request.UserPermissions {
|
for user, permissions := range request.UserPermissions {
|
||||||
err = con.ServerAuthorization.SetPermissions(ctx, user, serverId, permissions)
|
err = con.ServerAuthorization.SetPermissions(ctx, user, serverId, permissions)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("failed to change user %s permissions for server %s due to %e", user, serverId, err)
|
logger.Logger.Error("failed to change user's server permissions", zap.String("user", user), zap.String("ServerId", serverId), zap.Error(err))
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
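Review bot: RunCommand now writes `request.Command` verbatim into the log at Info level on the attempt and on success, and at Error level on both failure paths. Console commands can carry credentials or other sensitive arguments, and these entries persist in whatever sink the production logger feeds; consider logging the server id plus `zap.Int("CommandLength", len(request.Command))`, or emitting the text only at debug level. In the resize branch of AttachServer, `zap.Error(err)` reports the wrong variable, since the failing call assigned `err2`; it should be `zap.Error(err2)`. Also confirm that `width` and `height` are `uint`, because `zap.Uint` will not compile otherwise (their declarations are outside the hunk).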